Phishing – obtaining financial or other confidential information from internet users, typically by sending an email that looks as if it is from a legitimate organization (often a financial organization), but contains a link to a fake website that replicates the real one.
Spoofing – is the creation of email messages with a forged sender address. It is a tactic used in phishing and spam campaigns as recipients of emails are more likely to open an email when they think it has been sent by a legitimate source.
10 Hints to spot spoofed emails:
- The use of poor spelling and grammar
- Unexpected email attachments
- Missing or old company logos
- Sudden requests for personal information
- Sudden requests for a payment to be made
- Generic email subject or greeting
- Suspicious links in emails
- Amazing offers (to good to be true)
- Unexpected prizes
- Unexpected inheritances (often foreign)
Don’t open supplied links and never disclose personal information and PIN numbers – contact the organization to verify information through publicly available numbers or addresses – not via numbers and addresses supplied in the phishing email itself!